Job for GRC Manager at First Point Group

At First Point Group we’ve made the global telecoms & technology recruitment industry our business. For clients such as Huawei, Amdocs, Juniper and Ericsson the strategic contribution of FPG, a trusted global partner who knows their industry inside out, is an invaluable business asset. Over the years, we've gained deep industry expertise and experience, and developed close relationships with a vast network of telecoms and technology professionals around the world. As a result, we’re perfectly placed to help our clients and candidates deliver the next generation of technology. We are recruiting to fill the vacant position below:       Job Title: GRC Manager Location: Nigeria Key Responsibilities The following key activities are in scope for the ICT Assessment that would benchmark a bank’s IT against banking best practices and provide recommendations. The security assessment will include the following:

• Security Vision, Risk view & Compliance Management Requirements Study relative to industry.
• Study of Organizational Structure, Current Roles and Responsibilities & proposal for future organisation.
• Development of detailed security strategy and roadmap.
• Only IT Processes and related infrastructure is in scope
• Analysis of existing Security Processes, technology architecture and Programs.
• Study of Security Awareness across the organization.
• Initial run of best fit Information Security Benchmarking Methodology and Process for FBN including handover to internal team.
• Policies and prioritized assets shall be subject to review for the purpose of identification of gaps, where the assets shall be prioritized during the initial phases of the assessment

• Experience in working in security the Banking domain (mandatory)
• Worked on Projects involving security benchmarking (mandatory)
• Exposure to industry acclaimed information governance, risk and security standards/frameworks and professional practices (NIST, ISO, COBIT, ITIL, ISSA, etc.)
• Knowledge of the typical information risk and security operational practices
• Knowledge of information security related solutions, tools and utilities
• Experience in working in information security risk management, control assessment, and in guiding the client through Control Implementation (mandatory)
• Proven customer handling skills of senior stakeholders of client organization, e.g. CISO, CIO (mandatory)
• Knowledge and awareness of the latest information risk, security and compliance innovations, trends, challenges and solutions
• Bachelor’s degree (four-year college or university) in Business Administration, Computer Science, Information Systems, Engineering or related field, or equivalent combination of education and experience

• CISA or CISM (Mandatory)
• ISO 27001 Lead Auditor, CISSP, CGEIT, or CRISC certification(s) (Desired)
• ITIL Foundations (or higher) certification (Desired)
• COBIT Foundations certification (Desired)